From 4e0bb13571f85b720052233a91bf9e321c60caa9 Mon Sep 17 00:00:00 2001
From: ralf <rb@egroupware.org>
Date: Thu, 8 Sep 2022 16:52:32 +0200
Subject: [PATCH] reinsert filtered <style></style> section at initial position
 no longer at the beginning as this can insert unwanted extra lines in mail,
 if signature contains a style block

---
 api/src/Html/HtmLawed.php | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/api/src/Html/HtmLawed.php b/api/src/Html/HtmLawed.php
index 2e80f30a7f..2445d2eaca 100644
--- a/api/src/Html/HtmLawed.php
+++ b/api/src/Html/HtmLawed.php
@@ -116,7 +116,9 @@ class HtmLawed
 		// put it back in after purifying; styles are processed for known security risks
 		// in self::getStyles
 		// we allow filtered style sections now throughout egroupware
-		/*if ($Config['hook_tag'] =="hl_email_tag_transform")*/ $styles = self::getStyles($html2check);
+		/*if ($Config['hook_tag'] =="hl_email_tag_transform")*/
+		$replacement = '<style>.something{color:red}</style>';
+		$styles = self::getStyles($html2check, $replacement);
 		//error_log(__METHOD__.__LINE__.array2string($styles));
 		//error_log(__METHOD__.__LINE__.' Config:'.array2string($Config));
 
@@ -125,17 +127,28 @@ class HtmLawed
 		{
 			$Config['hook_tag']=__NAMESPACE__.'\\'.$Config['hook_tag'];
 		}
-		return ($styles?$styles:'').htmLawed($html2check, $Config, $Spec);
+		$validated = htmLawed($html2check, $Config, $Spec);
+		if (strpos($validated, $replacement) !== false)
+		{
+			return str_replace($replacement, $styles, $validated);
+		}
+		// htmLawed seems to remove the style tabs
+		elseif (strpos($validated, $replacement=preg_replace('#</?style>#', '', $replacement)) !== false)
+		{
+			return str_replace($replacement, $styles, $validated);
+		}
+		return ($styles?:'').$validated;
 	}
 
 	/**
 	 * get all style tag definitions, <style> stuff </style> of the html passed in
 	 * and remove it from input
 	 * @author Leithoff, Klaus
-	 * @param string html
+	 * @param string& html
+	 * @param string $replace='' text to replace returned styles with, default ""
 	 * @return string the style css
 	 */
-	static function getStyles(&$html)
+	static function getStyles(&$html, $replace='')
 	{
 		$ct=0;
 		$newStyle = null;
@@ -146,7 +159,7 @@ class HtmLawed
 			$style2buffer = implode('',$newStyle[0]);
 			// only replace what we have found, we use it here, as we use the same routine in Api\Mail\Html::replaceTagsCompletley
 			// no need to do the extra routine
-			$html = str_ireplace($newStyle[0],'',$html);
+			$html = str_ireplace($newStyle[0], $replace, $html);
 		}
 		if (!empty($style2buffer))
 		{